📧 vganesh1919@gmail.com | 📱 9500109462 | 🔗 LinkedIn | 🌐 Portfolio
Experienced information security professional specializing in governance, risk, and compliance (GRC) and vulnerability assessments. Proven track record in managing log event monitoring, performing security audits (ISO/IEC 27001), enhancing security posture through system hardening (firewalls, cloud, O365), and delivering security awareness training. Adept at incident response, risk management, and continual improvement of the ISMS.
| # | Area | Details |
|---|---|---|
| 1 | ISO Standards & Frameworks | Implementing and managing controls aligned with ISO/IEC 27001, ISO 27002, Annex A, SoA, and regulatory alignment. |
| 2 | Compliance & Policy | Developing policies, conducting risk assessments, internal audits, and ensuring ISO 27001 certification compliance. |
| 3 | Governance, Risk & Compliance (GRC) | Experienced in ISO/IEC 27001:2022, ITGC, HIPAA, and conducting audits and risk assessments. |
| 4 | Enterprise Risk Management | Performing risk assessments, gap analysis, vulnerability assessments, and supporting departments with SLA tracking. |
| 5 | Executive Reporting | Presenting risk dashboards, mitigation actions, and challenges to the CIO and leadership. |
| 6 | External Audit Management | Acting as SPOC for external audits and coordinating with certification bodies. |
| 7 | Internal Audits | Planning and conducting internal audits per ISO 27001, identifying gaps, and driving improvements. |
| 8 | Audit Documentation & Reporting | Documenting observations with evidence, preparing reports including NCs, and tracking corrective actions. |
| 9 | Management Reviews | Coordinating management review meetings and presenting ISMS metrics and audit results. |
| 10 | Security Awareness & Training | Conducting ISMS training, phishing simulations, and breach notification exercises. |
| 11 | Continual Improvement | Updating policies and procedures based on evolving standards and audit outcomes. |
| 12 | Security Operations | Hands-on with vulnerability assessments, log analysis, penetration testing (Nessus, Burp Suite), and incident response. |
| 13 | Technical Security Controls | Expertise in firewall hardening, cloud security, O365, and OWASP-based web application security. |
| 14 | Business Impact Analysis | Performing BIA, record classification, and defining data retention policies. |
| 15 | Business Continuity | Developing and testing BCPs through tabletop simulations. |
| 16 | Project & Client Management | Leading phishing campaigns and overseeing multiple ISMS implementations for clients. |
- Implemented ISO/IEC 27001:2022 across multiple clients (TVS Supply Chains, Flextronics, JK Fenner, VIVA, HC Intellect, Sekura, Cogent).
- Conducted risk assessments, ISMS training, incident response simulations, and audits.
- Developed policies, managed compliance, and ensured continual improvement.
- Conducted ISMS awareness and phishing simulations.
- Supported internal audits, updated risk registers, and managed non-conformities.
- Ensured HIPAA compliance, managed audits, and assisted in incident resolution.
- Monitored healthcare records, ensured compliance, and enhanced security processes.
Bachelor of Information Technology – Lord Venkateswara Engineering College (2010 – 2014)